Using wildcard certificates
When you use Microsoft Forefront Threat Management Gateway to securely publish multiple Web sites with different host names, you can use multiple SSL server certificates with different names in a single Web listener for the SSL handshake with Web clients. However, when multiple SSL server certificates are specified in a single Web listener, you must assign each certificate to a different IP address on the Forefront TMG computer. Alternatively, you can securely publish multiple Web sites with different host names by using a single Web listener if you specify a wildcard certificate in the Web listener.
Similarly, when you publish multiple Web sites with different host names on the same Web server, you can install a wildcard certificate on the Web server that can be used to prove the identity of the Web server to the Forefront TMG computer.
This section includes the following topics with instructions for using wildcard certificates.